Skip to content

Commit 855e11d

Browse files
committed
RUBY-1100 Don't share OpenSSL::Digest::SHA1 object between scram conversations
1 parent e65a573 commit 855e11d

File tree

1 file changed

+9
-3
lines changed

1 file changed

+9
-3
lines changed

lib/mongo/auth/scram/conversation.rb

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -290,7 +290,7 @@ def first_bare
290290
#
291291
# @since 2.0.0
292292
def h(string)
293-
DIGEST.digest(string)
293+
digest.digest(string)
294294
end
295295

296296
# HI algorithm implementation.
@@ -305,7 +305,7 @@ def hi(data)
305305
data,
306306
Base64.strict_decode64(salt),
307307
iterations,
308-
DIGEST.size
308+
digest.size
309309
)
310310
end
311311

@@ -317,7 +317,7 @@ def hi(data)
317317
#
318318
# @since 2.0.0
319319
def hmac(data, key)
320-
OpenSSL::HMAC.digest(DIGEST, data, key)
320+
OpenSSL::HMAC.digest(digest, data, key)
321321
end
322322

323323
# Get the iterations from the server response.
@@ -451,6 +451,12 @@ def validate!(reply)
451451
raise Unauthorized.new(user) unless reply.documents[0][Operation::Result::OK] == 1
452452
@reply = reply
453453
end
454+
455+
private
456+
457+
def digest
458+
@digest ||= OpenSSL::Digest::SHA1.new.freeze
459+
end
454460
end
455461
end
456462
end

0 commit comments

Comments
 (0)